Is Apache Tomcat 8.5.100 patched?
Apache · cycle 8.5 · end of life · Official site ↗
5/100Critical · exploited
Minimum safe version9.0.118
8.5.100 has 11 open critical-or-high vulnerabilities. Run 9.0.118 or later to clear them. See what 9.0.118 fixes →
Known issues affecting 8.5.100
Exploited first, then by exploitation probability.
CVE-2025-24813 CRITICAL ● exploited EPSS 94% → fixed in 11.0.3 CVE-2026-29146 HIGH EPSS 13% → fixed in 11.0.20 CVE-2025-55752 HIGH EPSS 0% → fixed in 11.0.11 CVE-2020-8022 HIGH EPSS 0% → fixed in 9.0.35-3.57.3 CVE-2026-43512 CRITICAL EPSS 0% → fixed in 11.0.22 CVE-2025-55754 CRITICAL EPSS 0% → fixed in 11.0.11 CVE-2025-61795 MEDIUM EPSS 0% → fixed in 11.0.12 CVE-2026-43514 LOW EPSS 0% → fixed in 11.0.22 CVE-2026-43515 CRITICAL EPSS 0% → fixed in 11.0.22 CVE-2026-43513 HIGH EPSS 0% → fixed in 11.0.22 CVE-2026-41293 CRITICAL EPSS 0% → fixed in 11.0.22 CVE-2026-41284 HIGH EPSS 0% → fixed in 11.0.22 CVE-2026-42498 HIGH EPSS 0% → fixed in 11.0.22